[Dshield] Windows UDP Packet Sending Process

Jon Kibler Jon.Kibler at aset.com
Thu Jul 3 08:13:49 GMT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Rich Groves wrote:
> Jon are you certain what you are seeing here isn't an attempted Teredo
> tunnel setup ?
> 

I cannot say for absolutely certain that is not what is going on here,
but I doubt it. The destination IP is to a server farm, and checking
their web site, I see zero about IPv6 support.

However, if that were the case, how would I identify the process
creating the tunnel and are there any packet characteristics that would
give it away?

Jon K.
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkhsij0ACgkQUVxQRc85QlO1ywCgnZY1KclQ0CpTAcKvPCSHv/xU
P3oAnRDMkAbi/iZGX7huAwO0Oc8idcBP
}iJ
-----END PGP SIGNATURE-----




=========================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



More information about the list mailing list